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DETAILED ACTION 
Response to Amendment 

1 . The amendment filed on 12/21/2007 lias been considered and is effective to 
overcome Droms et al. reference. Therefore the rejection of claims 1-25 communicated 
via office action of 09/1 2/2007 has been withdrawn. However a new ground(s) of 
rejection has been made in this office action in view of Droms et al and newly found 
references Donaldson and Fan et al. Rejection follows. 

2. Claims 1-25 is pending in the application. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the phor art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1-17 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Droms et al [US Pat: 7,143,435] in view of Donaldson [US Pat: 7,249,175]. 
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Regarding claim 1, Droms et al in the invention of "Method and Apparatus for 
Registering Auto-Configured Network Addresses Based on Connection Authentication" 
disclosed a method of developing an access control list, comprising: developing an 
enhanced access control list (item 146 of Fig 1) including data related to at least one of 
user names (user groups), DNS names, Windows domain names, and physical 
addresses (col 8, lines 30-62); DNS names into corresponding IP addresses according 
to data in the enhanced access control list (col 9, lines 1-27); and physical addresses 
(MAC address) into IP addresses according to data in the enhanced access control list 
(col 10, lines 16-32, col 12, lines 21-32); and developing the access control list from 
each of the operations of converting (col 9, lines 14-27), but fails to disclose converting 
at least one of user names into corresponding IP address. However, Donaldson in the 
invention of "Method and System for Blocking E-Mail having a Nonexistent Sender 
Address" disclosed a method for converting user names into corresponding IP 
addresses (Fig 8, col 13, lines 17-33). 

Therefore it would have been obvious for one of the ordinary skill in the art at the 
time the invention of made to include the method of converting user names into 
corresponding IP address as taught by Donaldson in the system of Droms et al to covert 
user names and physical addresses into IP addresses. One is motivated as such in 
order to determine an IP address with minimum latency to route an information packet 
based on user name and physical address. 

Regarding claim 2, Droms et al disclosed storing the user names and 
corresponding IP addresses in a mapping state database that defines current 
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relationships among user names (col 7, lines 24-35), DNS names, domain names (col 
12, lines 21-32), and pinysical addresses (col 11, lines 20-28). 

Regarding claims 3, 1 1, Droms et al disclosed that each physical address 
comprises a MAC address (col 10, lines 16-23). 

Regarding claims 4, 13, Droms et al disclosed that converting user names into 
corresponding IP and physical addresses according to data in the enhanced 
access control list comprises: detecting login packets (authentication, user ID and 
password) being communicated over the network; determining a MAC address from 
the login packets (col 2, lines 17-25); detecting server message block login packets 
being communicated over the network (col 2, lines 25-37); and determining an IP 
address from the server message block login packets; and developing records in the 
access control list using the obtained IP address for the respective user name (col 2, 
lines 38-52, col 8, lines 30-62). 

Regarding claims 5-6,13-14, Droms et al disclosed converting DNS names into 
corresponding IP addresses according to data in the enhanced access control list 
comprises: detecting packets having an unknown source IP address (col 9, lines 14- 
24); generating a DNS name query using the source IP address (col 9, lines 24-27); 
receiving a DNS name associated with the IP address responsive to the query; and 
developing records in the access control list using the obtained IP address for the 
respective DNS name (col 8, lines 30-62) and occasionally generating new DNS name 
queries for the source IP address and thereafter repeating the operations of receiving 
and developing to update the access control list (col 12, lines 21-33).. 
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Regarding claims 7, 15, Droms et al disclosed occasionally receiving the DNS 
name associated with the IP address and thereafter repeating the operation of 
developing to update the access control list (col 12, lines 66-67, col 13,lines 1-9). 

Regarding claims 8,17, Droms et al disclosed converting physical addresses 
into IP addresses according to data in the enhanced access control list comprises: 
monitoring DHCP packets communicated over the network (col 13,llnes 10-15); 
obtaining an IP address assigned to a particular physical address from the monitored 
DHCP packets (col 11, lines 20-24); and developing records in the access control list 
using the obtained IP address assigned to a respective physical address (col 11, lines 
25-36). 

Regarding claims 9-10, Droms et al disclosed a method of controlling access of a 
user to a network including a plurality of hosts coupled together through a network 
switch (item 102 of Fig 1), the method comprising: storing in the network switch an 
enhanced access control list containing data related to at least one of user names (user 
groups, col 7, lines 24-35), DNS names, Windows domain names, and physical 
addresses (col 11, lines 20-28, col 12, lines 28-31); and generating a dynamic access 
control list from the enhanced access control list, the dynamic access control list 
containing a plurality of IP addresses that restrict access of the user to the network (col 
16, lines 21-32) and mapping user names to physical addresses; mapping physical 
addresses to IP addresses (col 10, lines 16-32); mapping unknown IP addresses to 
physical addresses; and mapping unknown IP addresses to DNS names (col 8, lines 
30-62); and applying rules set forth in the enhanced access control list relating to 
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controlling access of a user to the addresses determined by the operations of mapping 
to generate the access control list (col 9, lines 9-27), but fails to disclose mapping user 
names to IP addresses. 

However, Donaldson disclosed a method for converting user names into 
corresponding IP addresses (Fig 8, col 13, lines 17-33). 

Therefore it would have been obvious for one of the ordinary skill in the art at the 
time the invention of made to include the method of converting user names into 
corresponding IP address as taught by Donaldson in the system of Droms et al to covert 
user names and physical addresses into IP addresses. One is motivated as such in 
order to determine an IP address with minimum latency to route an information packet 
based on user name and physical address. 

Regarding claims 12, 16, Droms et al disclosed that the mapping user names to 
IP addresses comprises: detecting server message block login packets being 
communicated over the network (col 12, lines 50-67); and determining an IP address 
from the server message block login packets and mapping unknown IP addresses to 
physical addresses comprises detecting packets having an unknown source IP address 
(col 13, lines 1-18). 

5. Claims 18-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Droms et al [US Pat: 7,143,435] in view of Fan et al [US Pat: 6,219,706]. 

Regarding claims 18, 22, Droms et al disclosed a network switching circuit (Figs 
1-2,6), comprising: a forwarding circuit (item 103 of Fig 1) operable to detect specific 
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received pacl<ets and to provide tlie specific packets on a processor port (item 104a of 
Figs 1,6, col 7, lines 10-25, col 17, lines 5-27), and further operable to receive packets 
on one of a plurality of ports including the processor port (items 104 of Fig 1) and to 
forward each received packet to a port corresponding to a destination address 
contained in the packet subject to access restrictions contained in a dynamic access 
control list (col 9, lines 9-23); a memory circuit (item 606 of Fig 6) coupled to the 
forwarding circuit (item 142 of Fig 1, col 9, lines 9-28), the memory circuit operable to 
store packets and operable to store an enhanced access control list and a dynamic 
access control list; and a processor (item 604 of Fig 6) coupled to the forwarding circuit 
and to the memory circuit (col 7, lines 25-64) the processor operable to define the 
specific packets detected by the forwarding circuit and operable to process the specific 
packets stored in the memory circuit using the enhanced access control list to generate 
the dynamic access control list (col 10, lines 28-57), but fails to disclose storing the 
dynamic access control list in the memory circuit, and further operable to provide the 
specific packets to the processor port of the forwarding circuit after processing the 
packets. However, Fan et al in the invention of "Access Control for Networks" disclosed 
a method to storing, updating and generating the dynamic access control list (ACL, col 
13, lines 11-25) in the memory circuit (item 261 of Fig 2) based up on the type of 
application and protocol (col 2, lines 51-65) to provide specific packets to the processor 
port (item 263 of Fig 2) of the forwarding circuit after processing the packets (col 6, 
lines 1-10, Fig 2). 
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Therefore it would have been obvious for one of the ordinary sl<ill in the art at the 
time the invention of made to include the method of storing, updating and generating the 
dynamic access control list in the memory circuit based up on the type of application 
and protocol to provide specific packets to the processor port of the forwarding circuit 
after processing the packets as taught by Fan et al in the system of Droms et a! store 
the dynamic access control list in the memory circuit, and further operable to provide the 
specific packets to the processor port of the forwarding circuit after processing the 
packets. One is motivated as such in order to store, update and generate dynamic 
access control list in the memory circuit based up on the type of application to forward 
specific packets to the processor to efficiently process and route packets to destination 
ports. 

Regarding claims 12, 16, Droms et al disclosed that the mapping user names to 
IP addresses comprises: detecting server message block login packets being 
communicated over the network (col 12, lines 50-67); and determining an IP address 
from the server message block login packets and mapping unknown IP addresses to 
physical addresses comprises detecting packets having an unknown source IP address 
(col 13, lines 1-18). 

Regarding claim 19, Droms et al disclosed that the processor further comprises a 
direct memory access controller coupled between the forwarding engine and the 
memory (col 10, lines 40-57). 

Regarding claims 20, 24, Droms et al disclosed the switch comprises an Ethernet 
switch and wherein the packets comprise Ethernet packets (col 6, lines 41-45). 
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Regarding claims 21, 25, Droms et a! disclosed wlierein tlie enlianced access 
control list comprises user names (col 7, lines 24-35, col 8, lines 30-62), DNS names 
(col 12, lines 21-32), Windows domain names, and physical addresses (col 11, lines 
20-28). 

Regarding claim 23, Droms et al disclosed at least some of the hosts comprise 
personal computer systems (col 6, lines 5-10, Fig 6). 

Response to Arguments 

6. Applicant's argument, see remarks, filed on 12/21/2007, with respect to rejection 
of claims 1-25 have been fully considered and are persuasive. Therefore the rejection 
of claims 1-25 communicated via office action of 09/12/2007 has been withdrawn. 

Conclusion 

7. Any inquiry concerning this communication or earlier communications should be 
directed to the attention to Venkatesh Haliyur whose phone number is 571-272-8616. 
The examiner can normally be reached on Monday-Friday from 9:00AM to 5:00 PM. If 
attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Edan Orgad can be reached @ (571)-272-7884. Any inquiry of a general 
nature or relating to the status of this application or proceeding should be directed to the 
group receptionist whose telephone number is (571 )-272-2600 or fax to 571 -273-8300. 
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8. Information regarding tlie status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.qov . Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-21 7-91 97(toll-free). 

/Venkatesh Haliyur/ 
Examiner, Art Unit 2619 

/Edan Orgad/ 

Supervisory Patent Examiner, Art Unit 2619 


